How elite security ninjas choose and safeguard their passwords

There are many ways to manage your digital keys. Here's how five experts do it.

If you felt a twinge of angst after reading Ars' May feature that showed how password crackers ransack even long passwords such as "qeadzcwrsfxv1331", you weren't alone. The upshot was clear: If long passwords containing numbers, symbols, and upper- and lower-case letters are this easy to break, what are users to do?

Ars has largely answered that question already: use a password manager to randomly generate and store long, complex passcodes that are unique for each site you care about. Our how-to provides a thorough primer that should be required reading for anyone who uses the Internet. That said, password security is a highly nuanced undertaking with plenty of room for competing strategies and contradictory imperatives. Is it safe, for instance, to store your encrypted password file in the cloud or to allow your browser to remember frequently used log-in credentials? And what's the best way to manage passwords across a variety of computer operating systems and different smartphone platforms?

Four of these experts said they use some type of password manager to ensure they have a long, complex, and unique password for most accounts they care about. Among these four, however, there was plenty of variation. Grossman, for instance, stores passwords in a plain text file that's stored on an encrypted virtual disk image, and then physically kept on an encrypted USB key.

Unlike LastPass, KeePass, and most other dedicated managers, Grossman's home-made solution offers no way to automatically generate random passwords that meet specific site criteria, such as maximum length or passcodes that don't contain special characters. Grossman says he prefers to generate his own passwords, usually by banging on the keyboard.

"It's a bit more cumbersome than most would want to deal with, but it works nicely for me," he said. "Random length of letters, number, symbol, cap, etc. Doesn't really matter as long as it's 'very strong' because my password storage strategy doesn't require me to remember the vast majority of them."

Goldberg, Schneier, and Gosney also said they use password managers to generate and store many of their most important passwords, but all three chose different products. Not surprisingly, Goldberg employs 1Password, which he said synchronizes passwords across all major platforms he uses. "The only exceptions are my FreeBSD systems, but I don't typically do Web browsing from them, and copy/pasting into an SSH window does the job for me," he said. Schneier, meanwhile, uses the PasswordSafe application he helped develop, while Gosney has recently begun using LastPass.

The only one of the security experts who eschews a password manager is Desautels, who said he prefers to remember his passwords or, when possible, use "proximity tokens" with one-time passwords to log in to his computer.

"Most services that offer password management are built on technology that is vulnerable at some level," he explained. "I don't trust the technology as it is, and certainly won't trust it with sensitive credentials if I have the choice. I use different passwords for each account. I try to make my passwords as long as possible while keeping them easy for me to remember." His longest password is 63 characters long.

Schneier said he sometimes also forgoes the benefits of a password manager in favor of passcodes that are easier to remember. He told Ars he still stands by a scheme he first laid out in 2008: pick a long, memorable sentence and turn it into a password. "This little piggy went to market," for instance, might become "tlpWENT2m". In June, in a blog post responding to my password cracking feature, he offered other examples of passwords that are both memorable and hard to crack: "When I was seven, my sister threw my stuffed rabbit in the toilet" becomes "WIw7,mstmsritt..." and "Long time ago in a galaxy not far away at all" becomes "Ltime@go-inag~faaa!". He cautions people to pick their own long sentences, though. No doubt the phrases and corresponding passwords he chose in his posts have already been folded into crackers' word lists, so readers shouldn't consider them strong. Schneier said he also stands by advice he published eight years ago to write passwords down on a piece of paper and store it in a wallet or other safe location.

A roll of the dice

Another way to pick passwords that are both strong and memorable is to use a method known as diceware to string together a list of randomly chosen words. An example might be "amend linen chef leery ali", preferably with spaces unless the specific password policy prevents it.

"To get strength, there must be something random in the process," Goldberg said. "I roll dice (or do the electronic equivalent) to pick four or five words from a word list. It is important that the words really be selected through some external random process (like a random number generator or rolling dice). Then I misspell at least one of those words."

Still, Goldberg said he prefers to use long, randomly generated passwords whenever possible.

"For things that I don't have to remember, I go with about 23 characters unless the site has a smaller maximum," he said. "I picked 23 because finding a truly randomly chosen password of that length takes about as many guesses as finding a 128-bit encryption key. Anything stronger is just a (harmless) waste."
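As an added illustration, not code from the article or from any of the experts' tools, the following Python sketch covers both the diceware method described above and Goldberg's 23-character arithmetic: it draws words and characters from the operating system's CSPRNG (the "electronic equivalent" of rolling dice) and computes the guess-work in bits for each. The eight-word list is a constructed stand-in for a real 7776-word diceware list.

```python
import math
import secrets
import string

# Constructed stand-in for a real diceware list; genuine lists have
# 7776 entries, one per roll of five six-sided dice (6**5).
SAMPLE_WORDS = ["amend", "linen", "chef", "leery", "ali", "quilt", "gravel", "tonic"]
DICEWARE_LIST_SIZE = 6 ** 5

# Printable ASCII minus space: the kind of alphabet a manager's generator uses.
FULL_ALPHABET = string.ascii_letters + string.digits + string.punctuation


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Guess-work, in bits, of a uniformly random string of `length` symbols
    drawn from `alphabet_size` choices: log2(alphabet_size ** length)."""
    return length * math.log2(alphabet_size)


def symbols_needed(alphabet_size: int, target_bits: float) -> int:
    """Fewest symbols (words or characters) needed to reach `target_bits`."""
    return math.ceil(target_bits / math.log2(alphabet_size))


def random_password(length: int, alphabet: str = FULL_ALPHABET) -> str:
    """Uniformly random password from the OS CSPRNG (never random.choice)."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def diceware_passphrase(n_words: int, words=SAMPLE_WORDS, sep: str = " ") -> str:
    """Pick n words by an external random process; the word list, not the
    picker's taste, supplies the randomness."""
    return sep.join(secrets.choice(words) for _ in range(n_words))


if __name__ == "__main__":
    # Goldberg's 23 characters vs. a 128-bit key, for two common alphabets.
    print("23 alphanumeric chars:", round(entropy_bits(62, 23), 1), "bits")
    print("23 printable chars:   ", round(entropy_bits(len(FULL_ALPHABET), 23), 1), "bits")
    print("chars for 128 bits (62-char alphabet):", symbols_needed(62, 128))
    # Five diceware words (Goldberg's "four or five") and what 128 bits would take.
    print("5 diceware words:", round(entropy_bits(DICEWARE_LIST_SIZE, 5), 1), "bits")
    print("words for 128 bits:", symbols_needed(DICEWARE_LIST_SIZE, 128))
    print(diceware_passphrase(5), "|", random_password(23))
```

Misspelling one word, as Goldberg does, defeats straight dictionary matching but adds little to the bit count; only the random draws are counted here.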

Gosney, meanwhile, employs a different strategy for passwords he must remember, as long as they don't protect accounts he considers highly critical. It involves using several different common basewords with various transformations applied to make each one sufficiently unique.

Another challenge to secure password management is synchronizing passcodes across multiple devices, especially when they run on vastly different platforms. As stated earlier, Goldberg tackles the challenge by using 1Password, which works on the Windows, Mac OS X, iOS, and Android operating systems. LastPass offers even more flexibility, running on Windows, Mac OS X, Linux, iOS, Android, Windows Phone, and BlackBerry.

For those who don't want to use a password manager, another option for handling passwords on different devices is to use the advanced sync settings in the Google Chrome browser.

"I use Chrome, which encrypts saved passwords in its local database," Gosney said. "I also permit the browser to sync my passwords with my Google account. I have configured Chrome to encrypt all synced data using a separate sync password instead of my Google account password. The sync password is never sent to Google, so my data at Google is secure."

To be sure, such methods aren't for everyone. Several of the experts said they're not comfortable storing passwords, even if encrypted, in the cloud.

"When you put a lot of valuable stuff in a single location, that location becomes really interesting to criminals," Desautels said. What's more, "putting all of your passwords in one location means that someone with a subpoena (or not) can snag them."

There's also the issue of trusting Chrome or another browser to store a large cache of passwords.

"If someone steals my computer and/or forces me to hand over my root password, I don't want them to have all my other passwords as well, which would be stored locally," Grossman, who focuses on Web security, said. "Secondly, I've seen and developed too many browser hacks that can rip saved passwords out of the app very quickly just by visiting the wrong site, or clicking the wrong link." An example of such an attack from 2010 is here.

Carpe Diem

A few miscellaneous tips not already covered: Treat the answers to security questions as secondary passwords. That is, instead of naming the real high school you graduated from, pick a long phrase such as "arNEsISIon" instead. Just be sure to store the fake answers in your password manager or other safe location. Another suggestion is to use a dedicated e-mail address for all critical accounts, and don't use it for any other purpose. If strange or suspicious e-mails arrive in that inbox, it may be an indication of a serious breach somewhere. Also, consider keeping a backup copy of all passwords with a lawyer, spouse, or other trusted person. It's not a pleasant thought, but some day we're going to die. Passwords for bank accounts, retirement assets, and other important accounts should be a core part of any estate planning. Last, and most crucially, consider using two-factor authentication whenever possible.

For more than a decade, tech visionaries have predicted the death of the password as the primary means for proving our identity on the Internet. Until that day finally arrives, readers should remember that the pain of generating and securely storing crack-resistant passwords is much more the result of this highly imperfect means of authentication than the frailty of the billions of people who rely on it.

"The problem isn't the management and storage of usernames and passwords," said Desautels. "The problem IS that we're using usernames and passwords. Usernames and passwords are just a horrible and arcane method of authenticating someone."

Promoted Comments

Knowledge of how password cracking software works can also be of assistance when trying to pick a secure password.

The first thing is, classical computers take time to crack (good) passwords. So, if you do absolutely nothing else, at least change your passwords frequently (maybe every 2-3 weeks). That number is just an estimate, though, and the speed with which a cracker could get your password from a hash is ultimately unknowable, since crackers could speed up the process by simply adding more computing power to the task. Therefore, if you even suspect someone has gained access to your password's hash, change the password immediately.

Also, the theoretical-for-now quantum computers would be able to solve these types of computational challenges much faster than classical computers would. For another good read, see Ars' previous article on Adiabatic Quantum Computing: http://arstechnica.com/science/2007/02/7008/

Second, the software can allow the cracker to specify the minimum and maximum password lengths to try. If the max and min allowed can be found from the login page, then the cracker can just set those values. However, if the max and min are not known ahead of time, the default setting in the software is probably set to something like 2-6 or 2-8 characters. This lends favor to the idea that Goldberg mentioned of using several long words strung together, rather than a random collection of letters, numbers, and symbols. As always, there's a relevant xkcd for that: https://xkcd.com/936/

Third, rainbow tables are lists of words (usually in a certain language / languages) that can be loaded into the cracking software, allowing the software to take further shortcuts, and likely cracking passwords much more quickly if the password contains an included word. This is why it's also a good idea, as Goldberg mentioned, to misspell at least one of the words that you string together. I, personally, might also just add some numbers or other symbols into the mix.

One fun trick is to include symbols in your passwords that are not part of the standard keyboard used in your locale. This may or may not work, however, depending on the user interface that you have to navigate when entering your password. If the system does allow it, though, you can enter ASCII characters by pressing and holding alt, then typing the ASCII code on the numeric keypad. Alt + 168, for example, results in: ¿

And one final piece of advice... never forget the physical layer (aka "the real world")! If crackers can gain physical access to a device, the game is basically over at that point. That's why I'm also firmly in the "don't keep all your passwords in a central location" camp.